Energy Industry Cyber Security
Nation-state, organised cyber criminals and hacktivists increase the need for specialist OT security.
The Energy sector is a key target for cyber attackers
An industry-wide survey conducted by Siemens and the Ponemon Institute in the summer of 2019, asked utility sector cyber security officers about the frequency of cyber attacks. Respondents estimated that 30% of cyber attacks on OT went undetected.
Saudi Aramco, a leading producer of energy and chemicals became the target of cyber attacks in 2017 when hackers targeted the safety system in one of the company’s petrochemical plants. Experts believe that, despite the plant shutting down, an incident could have taken place. The attack used Triton, a sophisticated malware that can attack industrial control systems. The attacker’s tools indicate that it has prepared to conduct operations that can last several years.Independent
Energy Industry Cyber Security
From nation-state actors, to organised cyber criminals targeting massive economic value, and hacktivists wanting to get their voice heard, the power industry is seeing continued increases in the number and complexity of attacks.
Like other industries, the continued digitalisation of platforms within powerplants, combined with legacy technology and new mainstream technology with Industry Internet of Things (IIoT), is introducing new security risks.
Traditional security methods are no longer enough. Additional security barriers through an ‘always on’ 24×7 OT Security Platform, designed specifically for Operational Technology, are required.
Operational Technology (0T)
Safety and availability are priority physical risks within power production. With possible cyber attacks targeting power generation, transmission, and distribution, increased security is required. Traditional enterprise cyber security technology was never designed to protect interfaces in the physical world like Supervisory Control and Data Acquisition (SCADA), Industrial Control Systems (ICS), and Distributed Control Systems (DCS).
With nation-states actively attempting to disrupt power-grids, increased protection of your mission critical infrastructure through a specialist Operational Technology cyber security platform is critical to your operations.
Energy Security Platform
Fundamentals First have taken an industry standard, Operational Technology platform and combined it with an enterprise Security Operations Centre (SOC). Not only can we offer you state of the art protection within your facility, but we can also patch, monitor, and proactively hunt security issues across your desktop, server and network estate.
Put yourself in control, with a single pane of glass service that protects both your corporate technology and Operational Technology in one.
“Develop an integrated security strategy across IT, OT and Risk teams.”
“Complex and high impact cyber attacks which target operational industries are increasing exponentially. Many styles of Operational Technology cyber attacks are being seen, from malware attacks targeting safety systems, to ransomware locking companies out of their core IT systems. Focus on a holistic approach that covers general controls, enterprise architecture, enterprise risk management, IT service management, physical security, IT security, and OT security.”
Protecting the Energy Sector
In 2018, the National Cyber Security Centre (NCSC) highlighted that compromises in the supply chain was one of the largest threats facing UK organisations. With energy generation being a backbone of the economy and a stable society, and adoption of remote monitoring and support on the rise, it is unsurprising that governments and the industry continue to be concerned about cyber security.
With over a third of Industry Control Systems (ICS) having malicious objects blocked in H1 2020, organisations in the energy sector need a robust cyber strategy that incorporates a platform that can visibly map all assets in their facilities, create segmented security zones, monitor and block unusual activity, and validate raw electrical signals from devices.
Operational Technology Cyber Security Platform Benefits
24×7 Remote OT Monitoring
The Nuclear Power Corporation of India Limited reported in 2019 that its newest Nuclear Power plant was the victim of a cyber attack, using malware designed for data extraction. The malware known as Dtrack was used, linked to the Lazarus Group, designed to monitor and gather intelligence across networks, it targeted administrative systems. Officials stated the attack was isolated from the critical internal network, however experts debated the accuracy of the claim.The Nuclear Power Corporation of India Limited
Get In Touch
Operating core national infrastructure without the appropriate Operational Technology cyber security is high risk.
To help you discover your level of risk, and to illustrate return on investment, we offer you a consultation. Based on the consultation, a set of recommendations will be presented.
We help businesses of all sizes release their potential
Get in touch and we’ll advise how we can help.